This is pretty interesting: there’s a new worm called Downandup that basically uses social engineering to spread itself.
Take a look at that screenshot. Notice anything weird?
When you insert a USB drive, it usually says something like “Open folder to view files.” Fair enough. But notice that there is a program that says the same thing “published by Microsoft.” That’s the trick. It basically convinces you that its a system action when it’s really an application. Tricksy tricksy.
Crap like this is why I switched to Linux: I got so tired of having to be ever-vigilant for the next INEVITIBLE vulnerability. And no, Apple was never an option as I still prefer freedom.
And you simply cannot beat the price! FREE!
There are a lot of other viruses/malware that do this but what makes Downadup unique is the combination of features it has. They went all out when they created this one.
My favorite is the way the bad guys connect to the machines. It deffinetly makes it much harder for them to be traced.
@TheHoldSteady
Please stop drinking your penguin juice and notice that this is not a vulnerability but stupidity in part of the user.
You would think that there would be reserved strings that you might not be able to use so the app you are not supposed to click is not easily presentable as one from the system…
It’s a flaw, hence it poses a vulnerability.
Or you are one of those control freaks that read eeeevery siiiingle wooord of what you are about to click?
Conficker sucks!
Thanks for the great post, tricky but effective/dangerous!
@whiskey;;
it doesn’t make a difference, the flaw has been patched already, it only matters to the user whether or not they’ve updated their system software.
clever, but looks fishy. U can easily download this worm on ur computer… very hard to get rid of… already infected about 9 million people…expected to reach 15-20 million infections…SCARY!!! AHHHHHH!!!!!!!